![]() ![]() ![]() ![]() Without any conditions, the traffic passes without inspection. The rule's conditions allow for traffic inspection and take a defined action (allow, block, or count). The control fails if no conditions are present within a rule.Ī WAF Regional rule can contain multiple conditions. This control checks whether an Amazon WAF Regional rule has at least one condition. Related requirements: 5 AC-4(21), 5 SC-7, 5 SC-7(11), 5 SC-7(16), 5 SC-7(21)Ĭategory: Protect > Secure network configurationĪmazon Config rule: waf-regional-rule-not-empty A WAF Regional rule should have at least one condition You mustĬhoose a delivery stream that has a name that begins with For more information, seeĭelivery stream in the Amazon Kinesis Data Firehose Developer Guide.Ĭhoose the web ACL to enable logging for.Ĭhoose the Kinesis Data Firehose delivery stream that you created earlier. If you capture logs for Amazon CloudFront, create ForĮxample, aws-waf-logs-us-east-2-analytics.Ĭreate the Kinesis Data Firehose delivery stream with a PUT source and in The name must start with the prefix aws-waf-logs. Open the Kinesis Data Firehose console atĬreate a Kinesis Data Firehose delivery stream. It also providesĭetailed information about the traffic that is analyzed by the web ACL that is Organizations, and allows you to troubleshoot application behavior. It is a business and compliance requirement in many Logging is an important part of maintaining the reliability, availability, and ThisĬontrol fails if logging is not enabled for the web ACL. This control checks whether logging is enabled for an Amazon WAF global web ACL. Amazon WAF Classic Global Web ACL logging should be enabled These controls are related to Amazon WAF resources. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |